STIGQter: STIG Summary: Tanium 7.0 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 July 2018:

The Tanium Server must be configured to only allow signed content to be imported.

DISA Rule

SV-93383r1_rule

Vulnerability Number

V-78677

Group Title

SRG-APP-000131

Rule Version

TANS-SV-000015

Severity

CAT II

CCI(s)

• CCI-001749 - The information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization.

Weight

10

Fix Recommendation

Contact Tanium for a corrected license file.

Check Contents

Note: This requirement only applies to Tanium implementations in production. If implementation being evaluated is in development, this requirement is "Not Applicable".

Access the Tanium Server through interactive logon.

Drill to Program Files >> Tanium >> Tanium Server.

Open the tanium.license in Notepad and search for "allow_unsigned_import".

If "allow unsigned_import" is followed by ":true", this is a finding.

Vulnerability Number

V-78677

Documentable

False

Rule Version

TANS-SV-000015

Severity Override Guidance

Note: This requirement only applies to Tanium implementations in production. If implementation being evaluated is in development, this requirement is "Not Applicable".

Access the Tanium Server through interactive logon.

Drill to Program Files >> Tanium >> Tanium Server.

Open the tanium.license in Notepad and search for "allow_unsigned_import".

If "allow unsigned_import" is followed by ":true", this is a finding.

Check Content Reference

M

Target Key

3215

Comments